icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
Israel-Iran tensions
29 Mar, 2013 03:02
HomeUSA News

New malware goes directly to US ATMs and cash registers for card info

New malware goes directly to US ATMs and cash registers for card info
AFP Photo / Mario Tama © AFP

While many consumers already take precautions when shopping online, they may need to start being even more careful - as a new report shows malware is focusing on physical registers and ATMs compromised by attackers looking to harvest card data.

Research conducted by the Russian-based security company Group-IB recently discovered malware called “Dump Memory Grabber,” which it believes has already been used to steal debit and credit card information from customers using major US banks including Chase, Citibank and Capital One, Security Weekly reports.

The malicious code is evidently being installed directly into point-of-sale (POS) hardware (meaning registers or kiosks) and ATMs, and transmitting the harvested information straight out of the magnetic stripes on credit and debit cards - which includes everything from account numbers, to first and last names and expiration dates.

And just how are attackers infecting physical systems? Security researchers point to USB drives as the likely culprits, as modern register systems often have accessible ports, as well as direct connections to the Web.

According to Security Weekly, the harvested information can then be used to produce cloned cards, and they are likely succeeding with the help of individuals with direct access to the POS systems and ATMs - which could include employees.

Group-IB analyzed a video evidently posted by the coder behind Dump Memory Grabber, which includes stolen card numbers, and suggests he (or perhaps she) goes by the name “Wagner Richard,” and is likely inside Russia.

This is of course not the first time that attacks have been directed at physical machines like registers or bank ATMs, though using malware is a stealthier approach than physical “skimmer” ploys, which involve mouldings placed on top of the ATM card slots and keypads that log information from unsuspecting customers.

Researchers with Group-IB believe that Dump Memory Grabber is likely part of a larger cyber-crime gang, a Russian-offshoot of the amorphous Anonymous community, and include members in Ukraine and Armenia. In addition to this latest malware, the group is allegedly also for hire to carry out DDoS attacks.

Top stories

RT Features

Judge dread: What is the fate of the law in a key African state?
Judge dread: What is the fate of the law in a key African state? FEATURE
Middle East redefined: Iran’s retaliatory attack on Israel signaled a major change in the region
Middle East redefined: Iran’s retaliatory attack on Israel signaled a major change in the region FEATURE
Who is Narendra Modi, the Indian strongman seeking a third term in the 2024 polls?
Who is Narendra Modi, the Indian strongman seeking a third term in the 2024 polls? FEATURE

Top stories

RT Features

Judge dread: What is the fate of the law in a key African state?
Judge dread: What is the fate of the law in a key African state? FEATURE
Middle East redefined: Iran’s retaliatory attack on Israel signaled a major change in the region
Middle East redefined: Iran’s retaliatory attack on Israel signaled a major change in the region FEATURE
Who is Narendra Modi, the Indian strongman seeking a third term in the 2024 polls?
Who is Narendra Modi, the Indian strongman seeking a third term in the 2024 polls? FEATURE
Podcasts
All podcasts
The strange death of the American chestnut
0:00
28:18
Charles Glass slams Biden’s Iran hypocrisy, calls Julian Assange one of the bravest men he’s met
0:00
29:16
العربيةespрусdefrrs

RT News App

© Autonomous Nonprofit Organization “TV-Novosti”, 2005–2024. All rights reserved.

This website uses cookies. Read RT Privacy policy to find out more.

Accept cookies